rpm package
suse/dcmtk&distro=SUSE Package Hub 15 SP6
pkg:rpm/suse/dcmtk&distro=SUSE%20Package%20Hub%2015%20SP6
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-25475 | — | < 3.6.9-bp156.4.6.1 | 3.6.9-bp156.4.6.1 | Feb 18, 2025 | A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file. | ||
| CVE-2025-25474 | — | < 3.6.9-bp156.4.6.1 | 3.6.9-bp156.4.6.1 | Feb 18, 2025 | DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h. | ||
| CVE-2025-25472 | — | < 3.6.9-bp156.4.6.1 | 3.6.9-bp156.4.6.1 | Feb 18, 2025 | A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file. | ||
| CVE-2024-52333 | — | < 3.6.9-bp156.4.3.1 | 3.6.9-bp156.4.3.1 | Jan 13, 2025 | An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2024-47796 | — | < 3.6.9-bp156.4.3.1 | 3.6.9-bp156.4.3.1 | Jan 13, 2025 | An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2024-27628 | — | < 3.6.9-bp156.4.3.1 | 3.6.9-bp156.4.3.1 | Jun 28, 2024 | Buffer Overflow vulnerability in DCMTK v.3.6.8 allows an attacker to execute arbitrary code via the EctEnhancedCT method component. | ||
| CVE-2024-34509 | — | < 3.6.9-bp156.4.3.1 | 3.6.9-bp156.4.3.1 | May 5, 2024 | dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. | ||
| CVE-2024-34508 | — | < 3.6.9-bp156.4.3.1 | 3.6.9-bp156.4.3.1 | May 5, 2024 | dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. |
- CVE-2025-25475Feb 18, 2025affected < 3.6.9-bp156.4.6.1fixed 3.6.9-bp156.4.6.1
A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file.
- CVE-2025-25474Feb 18, 2025affected < 3.6.9-bp156.4.6.1fixed 3.6.9-bp156.4.6.1
DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h.
- CVE-2025-25472Feb 18, 2025affected < 3.6.9-bp156.4.6.1fixed 3.6.9-bp156.4.6.1
A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file.
- CVE-2024-52333Jan 13, 2025affected < 3.6.9-bp156.4.3.1fixed 3.6.9-bp156.4.3.1
An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
- CVE-2024-47796Jan 13, 2025affected < 3.6.9-bp156.4.3.1fixed 3.6.9-bp156.4.3.1
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
- CVE-2024-27628Jun 28, 2024affected < 3.6.9-bp156.4.3.1fixed 3.6.9-bp156.4.3.1
Buffer Overflow vulnerability in DCMTK v.3.6.8 allows an attacker to execute arbitrary code via the EctEnhancedCT method component.
- CVE-2024-34509May 5, 2024affected < 3.6.9-bp156.4.3.1fixed 3.6.9-bp156.4.3.1
dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
- CVE-2024-34508May 5, 2024affected < 3.6.9-bp156.4.3.1fixed 3.6.9-bp156.4.3.1
dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.